Adobe InDesign < 13.1.1 / 14.x < 14.0.2 Arbitrary Code Execution Vulnerability (APSB19-23)
Critical Nessus Plugin ID 124022
SynopsisThe remote host has an application installed that is affected by Arbitrary Code Execution Vulnerability.
DescriptionThe version of Adobe InDesign installed on the remote Windows host is prior to 13.1.1, or 14.x prior to 14.0.2. It is, therefore, affected by an Arbitrary Code Execution vulnerability due to unsafe hyperlink processing in the Webkit component of MacOS. An authenticated, remote attacker can exploit this issue to cause execution of arbitary code or the application to stop responding.
SolutionUpgrade to Adobe InDesign version 13.1.1 / 14.0.2 or later.